[stir] Stephen Farrell's Discuss on draft-ietf-stir-passport-10: (with DISCUSS)
"Stephen Farrell" <stephen.farrell@cs.tcd.ie> Thu, 03 November 2016 02:08 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: stir@ietf.org
Delivered-To: stir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A52161293FB; Wed, 2 Nov 2016 19:08:13 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
To: The IESG <iesg@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.37.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <147813889365.24118.12619854983152878871.idtracker@ietfa.amsl.com>
Date: Wed, 02 Nov 2016 19:08:13 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/ZmQsmpCwE8HVtdcSyi5yNFKuZsE>
Cc: stir@ietf.org, rjsparks@nostrum.com, stir-chairs@ietf.org, draft-ietf-stir-passport@ietf.org
Subject: [stir] Stephen Farrell's Discuss on draft-ietf-stir-passport-10: (with DISCUSS)
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.17
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Nov 2016 02:08:13 -0000
Stephen Farrell has entered the following ballot position for draft-ietf-stir-passport-10: Discuss When responding, please keep the subject line intact and reply to all email addresses included in the To and CC lines. (Feel free to cut this introductory paragraph, however.) Please refer to https://www.ietf.org/iesg/statement/discuss-criteria.html for more information about IESG DISCUSS and COMMENT positions. The document, along with other ballot positions, can be found here: https://datatracker.ietf.org/doc/draft-ietf-stir-passport/ ---------------------------------------------------------------------- DISCUSS: ---------------------------------------------------------------------- Deterministic ECDSA (RFC6979) gets rid of a significant weakness with ECDSA. IIRC when JOSE was done there was a feeling that adding a MUST or SHOULD for that was tricky due to lack of support in libraries. When we recently re-checked for COSE, the answer was that today, it's ok to have that as a MUST or SHOULD. (If some kind of FIPS-140 stuff precludes a MUST, then a "SHOULD unless you're sad enough to be stuck having to pay lip lipservice to FIPS-140" clause might be right. So the DISCUSS point here is: given the real-world demonstrated weakness inherent in the need for an RNG in ECDSA why didn't the WG choose to at least RECOMMEND deterministic ECDSA? (Or better, make it a MUST.) If the answer is: "we thought about it [ref] and decided to not require deterministic" then I'll clear. But even if the WG did consider it a couple of years ago, the situation may have changed so a quick re-think might be worthwhile.
- [stir] Stephen Farrell's Discuss on draft-ietf-st… Stephen Farrell
- Re: [stir] Stephen Farrell's Discuss on draft-iet… Peterson, Jon
- Re: [stir] Stephen Farrell's Discuss on draft-iet… Chris Wendt
- Re: [stir] Stephen Farrell's Discuss on draft-iet… Eric Burger
- Re: [stir] Stephen Farrell's Discuss on draft-iet… Chris Wendt
- Re: [stir] Stephen Farrell's Discuss on draft-iet… Stephen Farrell
- Re: [stir] Stephen Farrell's Discuss on draft-iet… Chris Wendt
- Re: [stir] Stephen Farrell's Discuss on draft-iet… Chris Wendt